Biometric tokenized networks

ABSTRACT

Biometric tokenized networks. In one embodiment, a system includes a network and a server. The server includes a memory storing a biometric token vault, a communication interface, and an electronic processor. The electronic processor is configured to: receive a biometric token (i.e., identity token), a merchant identifier, and transaction details via the network, confirm a uniqueness of the biometric token with a second biometric token stored in the biometric token vault, generate a relationship identifier based on the merchant identifier and a global unique identifier linked to the second biometric token, and determine whether the relationship identifier is associated with a payment account reference, and output the merchant identifier, the transaction details, and a personal account number associated with the payment account reference to an issuer via the network in response to determining that the relationship identifier is associated with the payment account reference.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims the benefit of U.S. Provisional Application No.63/059,696, filed on Jul. 31, 2020, the entire content of which ishereby incorporated by reference.

FIELD OF THE INVENTION

The present disclosure relates generally to tokenized networks. Morespecifically, the present disclosure relates to combining remunerationcapabilities, included but not limited to tokenized remittance, withbiometrically-initiated interactions.

SUMMARY

The biometric tokenized networks of the present disclosure provideseveral distinct improvements and advantages over other networks. Firstand foremost, the biometric tokenized networks establish secure andprivacy-enhancing storage of identity tokens on edge devices (i.e.,mobile devices), so that biometrically-enabled transactions may beprocessed in an offline environment when biometric tokens are storedlocally on the edge devices. Further, the improved security and dataprivacy posture enables design, development, and implementation of moreflexible software solutions where biometric data may be processed and/orstored in various configurations (e.g., physical location, on mobiledevice versus cloud, with individual or with digital identity serviceprovider, offline (“cold”) storage versus online (“hot”) storage ofbiometrically-derived data, etc.) with respect to system architecture.

Second, the biometric tokenized networks establish remunerations usingmultiple biometric modalities while having a minimal impact on the sizeof the database and the size of the message necessary to convey thebiometric authentication, remuneration transactions, and/or the relateddigital identity transactions because the identity tokens may be ten totwenty-five times smaller than conventional biometric templates. Inother words, the biometric tokenized networks are more efficient thanconventional networks due to the identity tokens being smaller than theconventional biometric templates.

Third, the biometric tokenized networks establish the inclusion ofidentity tokens into signed verifiable credentials (VC) for the purposeof conveying a trusted message associated with a specific registeredindividual and linked to a specific remuneration account, and facilitatethe biometric authentication within the tokenized network.

Additionally, the biometric tokenized networks lowersecurity/data-privacy risks by processing and transmitting biometrictokens (i.e., identity tokens) in lieu of encrypted biometric templatesin the cloud and on the mobile device (i.e., point of service).

One embodiment of the present disclosure includes a first system. Thefirst system including a network and a server. The server including amemory storing a biometric token vault, a communication interface, andan electronic processor that is communicatively connected to the memory,the communication interface, the electronic processor configured to:receive a biometric token, a merchant identifier, and transactiondetails via the network, confirm a uniqueness of the biometric tokenwith a second biometric token stored in the biometric token vault,generate a relationship identifier based on the merchant identifier anda global unique identifier linked to the second biometric token, anddetermine whether the relationship identifier is associated with aremuneration account reference, and output the merchant identifier, thetransaction details, and a personal account number associated with theremuneration account reference to an issuer via the network in responseto determining that the relationship identifier is associated with theremuneration account reference.

Another embodiment of the present disclosure includes a second system.The second system including a network, a biometric capture device, and aserver. The biometric capture device including a memory storing abiometric token vault, a communication interface, a biometric capturecircuitry, and an electronic processor that is communicatively connectedto the memory, the communication interface, and the biometric capturecircuitry, the electronic processor configured to: control the biometriccapture circuitry to capture biometric information of an individual,generate a biometric token based on the biometric information, confirm auniqueness of the biometric token with a second biometric token storedin the biometric token vault, and generate a relationship identifierbased on a merchant identifier and a global unique identifier linked tothe second biometric token. The server including a memory, acommunication interface, and an electronic processor that iscommunicatively connected to the memory, the communication interface,the electronic processor configured to: receive the relationshipidentifier, the merchant identifier, and transaction details via thenetwork, determine whether the relationship identifier is associatedwith a remuneration account reference, and output the merchantidentifier, the transaction details, and a personal account numberassociated with the remuneration account reference to an issuer via thenetwork in response to determining that the relationship identifier isassociated with the remuneration account reference.

Yet another embodiment of the present disclosure includes a thirdsystem. The third system including a network and a biometric capturedevice. The biometric capture device including a memory storing abiometric token vault, a communication interface, a biometric capturecircuitry, and an electronic processor that is communicatively connectedto the memory, the communication interface, and the biometric capturecircuitry, the electronic processor configured to: control the biometriccapture circuitry to capture biometric information of an individual,generate a biometric token based on the biometric information, confirm auniqueness of the biometric token with a second biometric token storedin the biometric token vault, generate a relationship identifier basedon a merchant identifier and a global unique identifier linked to thesecond biometric token, retrieve a customer profile associated with therelationship identifier, and output remuneration information from thecustomer profile, the merchant identifier, and transaction details viathe network.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 illustrates a flow diagram of a comparative payment networksystem.

FIG. 2 illustrates a first example system for a tokenized network withbiometric payments.

FIG. 3 illustrates an example flow diagram of the example system of FIG.2.

FIG. 4 illustrates a second example system for a tokenized network withbiometric payments.

FIG. 5 illustrates an example flow diagram of the example system of FIG.4.

FIG. 6 illustrates a second example flow diagram of the example systemof FIG. 4.

FIG. 7 illustrates a third example flow diagram of the example system ofFIG. 4.

FIG. 8 illustrates an example flow diagram for either of the examplesystems of FIGS. 2 and 4.

FIG. 9 illustrates a second example flow diagram for either of theexample systems of FIGS. 2 and 4.

FIG. 10 illustrates a fourth example flow diagram 1000 of the examplesystem 400 of FIG. 4.

DETAILED DESCRIPTION OF THE EMBODIMENTS

Before any embodiments of the present disclosure are explained indetail, it is to be understood that the present disclosure is notlimited in its application to the details of construction and thearrangement of components set forth in the following description orillustrated in the following drawings. The present disclosure is capableof other embodiments and of being practiced or of being carried out invarious ways.

FIG. 1 illustrates a flow diagram 100 of a comparative payment networksystem. In the example of FIG. 1, the flow diagram 100 includes a user102, a merchant and/or service provider 104, a payment with a card orsmart device 106, an acquirer 108, a payments network 110, an issuer112, and a token service 114.

In the flow diagram 100, the user 102 pays for a product or service fromthe merchant and/or service provider 104 with the payment with the cardor the smart device 106. The card information of the payment with thecard or the smart device 106, the merchant ID of the merchant and/orservice provider 104, and the transaction details are sent to anacquirer 108. The acquirer 108 determines whether the card informationis a personal account number (PAN) from a card or a token from a smartdevice.

Responsive to determining that the card information is the PAN, theacquirer 108 transmits the card information relating to the payment withthe card or the smart device 106, the merchant ID of the merchant and/orservice provider 104, and the transaction details to the issuer 112 viathe payments network 110. Responsive to determining that the cardinformation is the token, the acquirer 108 transmits the cardinformation relating to the payment with the card or the smart device106, the merchant ID of the merchant and/or service provider 104, andthe transaction details to the token service 114 via the paymentsnetwork 110. The token service 114 determines a payment accountreference (PAR) that matches the token and determines the PAN associatedwith the PAR. The token service 114 then transmits the PAN, the merchantID of the merchant and/or service provider 104, and the transactiondetails to the issuer 112 via the payments network 110.

However, the token service 114 cannot process a biometric token becausethe biometric token is incompatible with the token service 114. Thebiometric token is incompatible with the token service 114 because thePAR in the token service 114 cannot be matched to an unknown biometrictoken. The comparative system 100 does not process biometric data nordoes it facilitate for the use of biometric tokens as a means to processpayments and related transactions.

FIG. 2 illustrates a first example system 200 for a tokenized networkwith biometric payments. The biometric capture device 204 and the server218 may be owned by, or operated by or on behalf of, an administrator.The server 218 may also be implemented by one or more networked computerservers. The biometric capture device 204 and the server 2018 could beconnected via a network that does not require online connectivity.

The biometric capture device 204 includes an electronic processor 206, acommunication interface 208, a memory 210, a biometric capture circuitry214, and a display screen (not shown). The biometric capture device 204may sometimes include a local deployment of a token vault 228. It shouldbe understood that, in some embodiments, the biometric capture device204 may include fewer or additional components in configurationsdifferent from that illustrated in FIG. 2. Also the biometric capturedevice 204 may perform additional functionality than the functionalitydescribed herein. In addition, some of the functionality of thebiometric capture device 204 may be incorporated into other servers(e.g., incorporated into the server 218) and vice-versa. As illustratedin FIG. 2, the electronic processor 206, the memory 210, thecommunication interface 208, the biometric capture circuitry 214, andthe display screen are electrically coupled by one or more control ordata buses enabling communication between the components.

The electronic processor 206 is a microprocessor or another suitableprocessing device that executes machine-readable instructions stored inthe memory 210. For example, the electronic processor 206 may executeinstructions stored in the memory 210 to perform the functionalitydescribed herein.

The memory 210 may include a program storage area (for example, readonly memory (ROM)) and a data storage area (for example, random accessmemory (RAM), and other non-transitory, machine-readable medium). Theprogram storage area includes a biometric tokenization service 212. Insome examples, the biometric tokenization service 212 may be astandalone application. In other examples, the biometric tokenizationservice 212 is a feature that is part of a separate application (e.g.,the biometric tokenization service 212 may be included as part of acamera application, a banking application, or other suitableapplication). The data storage area includes a biometric tokenrepository (not shown). Although shown within the biometric capturedevice 204, memory 210 may be, at least in part, implemented as networkstorage that is external to the biometric capture device 204 andaccessed via the communication interface 208. For example, all or partof memory 210 may be housed on the “cloud.” The communication interface208 may be implemented as one or both of a wired network interface and awireless network interface.

The biometric tokenization service 212 causes the electronic processor206 to generate a biometric token from the biometric informationcaptured by the biometric capture circuitry 214. For example, when thebiometric capture circuitry 214 is a camera, the biometric tokenizationservice 212 causes the electronic processor 206 to generate a biometrictoken from a facial image of the individual 240 captured by the camera.The biometric token, in one example, may be generated by a uniquebiometric transformation mechanism, e.g., a biometric algorithmdeveloped by TrustStamp.ai®.

The biometric token also includes a timestamp or some form of temporalinformation. The biometric token as described herein is a “live”biometric token that must have been generated within a certain thresholdas evidenced by the timestamp or other form of temporal information thatis included in the biometric token. A “live” biometric token preventsbiometric tokens that are older than a predetermined amount of time, orother previously created token, or synthetically-generated tokens, etc.from being considered in the biometric remuneration system (whereremuneration may be considered equivalent to “payment”).

The server 218 includes an electronic processor 220, a communicationinterface 222, and a memory 224. The electronic processor 220 iscommunicatively coupled to the communication interface 222 and thememory 224. The electronic processor 220 is a microprocessor or anothersuitable processing device. The communication interface 222 may beimplemented as one or both of a wired network interface and a wirelessnetwork interface. The memory 224 is one or more of volatile memory(e.g., RAM) and non-volatile memory (e.g., ROM, FLASH, magnetic media,optical media, et cetera). In some examples, the memory 224 is also anon-transitory computer-readable medium. The memory 224 may be, at leastin part, implemented as network storage that is external to the server218 and accessed via the communication interface 222. For example, allor part of memory 224 may be housed on the “cloud.”

The biometric token vault 228 may be stored within a transitory ornon-transitory portion of the memory 224. The biometric token vault 228includes machine readable instructions that are executed by processor220 to perform the functionality of the server 218 as described belowwith respect to FIG. 2. For example, in the illustrated embodiment, thedatabase 226 may include the biometric token vault that stores thebiometric token generated by the biometric capture device 204 regardingthe individual 240. The Biometric token vault 228 may be based on acentralized and/or decentralized data storage system.

The biometric capture device 204 may be a web-compatible mobilecomputer, such as a laptop, a tablet, a smart phone, or other suitablecomputing device. Alternately, or in addition, the biometric capturedevice 204 may be a desktop computer. Additionally, in some examples,the biometric capture circuitry 214 may be an external device connectedto the biometric capture device 204. The biometric capture circuitry 214may be one or more biometric scanning devices (e.g., a device that scansfingerprints, facial features, irises, handwriting, or other biometricfeatures) now known or subsequently developed.

FIG. 3 illustrates an example flow diagram 300 of the example system 200of FIG. 2. In the example of FIG. 3, the flow diagram 300 includes auser 302, a merchant and/or service provider 304, a biometrictokenization service 212, an acquirer 308, a payments network 310, anissuer 312, and a token service 230. The user 302, the merchant and/orservice provider 304, the acquirer 308, the payments network 310, andthe issuer 312 are similar to the user 102, the merchant and/or serviceprovider 104, the biometric token 106, the acquirer 108, the paymentsnetwork 110, the issuer 112, and the token service 114 as describedabove in FIG. 1. Consequently, redundant description of these componentsof the flow diagram 300 is not repeated.

In the flow diagram 300, the payment with the card or the smart device106 of FIG. 1 is entirely replaced with the biometric tokenizationservice 212. A biometric token is generated by the electronic processor206 of the biometric capture device 204 executing the biometrictokenization service 212 as described above in FIG. 2. As illustrated inFIG. 3, a biometric token (i.e., one example of the identity token 306),the merchant ID of the merchant and/or service provider 304, and thetransaction details are sent to the acquirer 308.

The acquirer 308 determines whether a biometric token is included withthe merchant ID and the transaction details. Responsive to determiningthat the biometric token is included with the merchant ID and thetransaction details, the acquirer 308 transmits the biometric token 306,the merchant ID of the merchant and/or service provider 304, and thetransaction details to the token service 230 via the payments network310.

The token service 230 determines whether the biometric token is uniqueand that the biometric token matches a second biometric token stored inthe biometric token vault 228. Responsive to matching the biometrictoken to a second biometric token, the token service generates arelationship identifier based on the merchant ID and the secondbiometric token. In some examples, the relationship identifier,biometric token, and other transaction-relevant data may be embeddedinto a verifiable credential (VC).

After generating the relationship identifier, the token service 230retrieves a payment account reference (PAR) associated with therelationship identifier that is generated. After retrieving the PAR, thetoken service 230 determines the PAN associated with the PAR. The tokenservice 230 then transmits the PAN, the merchant ID of the merchantand/or service provider 304, and the transaction details to the issuer312 via the payments network 310.

FIG. 4 illustrates a second example system 400 for a tokenized networkwith biometric payments. In the example of FIG. 4, the second examplesystem 400 includes a biometric capture device 404, a server 418, anetwork 460, and an individual 440. The biometric capture device 404 andthe server 418 are similar to the biometric capture device 202 and theserver 218 as described above in FIG. 2. Consequently, redundantdescription of the biometric capture device 404 and the server 418 willnot be repeated.

Unlike the memory 226 of the server 218, the memory 410 of the biometriccapture device 404 includes the database 426 and the biometric tokenvault 428. Additionally, as described in greater detail below, thebiometric tokenization service 412 includes some of the functions of thetoken service 230 as described above in FIG. 3.

FIG. 5 illustrates an example flow diagram 500 of the example system 400of FIG. 4. In the example of FIG. 5, the flow diagram 500 includes auser 502, a merchant and/or service provider 504, a biometrictokenization service 412, an acquirer 508, a payments network 510, anissuer 512, and a token service 430. The user 502, the merchant and/orservice provider 504, the acquirer 508, the payments network 510, andthe issuer 512 are similar to the user 102, the merchant and/or serviceprovider 104, the biometric token 106, the acquirer 108, the paymentsnetwork 110, the issuer 112, and the token service 114 as describedabove in FIG. 1. Consequently, redundant description of these componentsof the flow diagram 500 is not repeated.

In the flow diagram 500, the payment with the card or the smart device106 of FIG. 1 is entirely replaced with the biometric tokenizationservice 412. A biometric token is generated by the electronic processor406 of the biometric capture device 404 executing the biometrictokenization service 412 as described above in FIG. 4.

After generating the biometric token, the biometric tokenization service412 determines whether the biometric token is unique and whether thebiometric token matches a second biometric token stored in the biometrictoken vault 428. Responsive to matching the biometric token to thesecond biometric token, the biometric tokenization service 412 generatesa relationship identifier based on the merchant ID and the secondbiometric token. After generating the relationship identifier, thebiometric tokenization service 412 transmits the relationshipidentifier, the merchant ID of the merchant and/or service provider 504,and the transaction details to the acquirer 508.

The acquirer 508 determines whether a relationship identifier isincluded with the merchant ID and the transaction details. Responsive todetermining that the relationship identifier is included with themerchant ID and the transaction details, the acquirer 508 transmits therelationship identifier, the merchant ID of the merchant and/or serviceprovider 504, and the transaction details to the token service 430 viathe payments network 510.

The token service 430 receives the relationship identifier and retrievesa payment account reference (PAR) associated with the relationshipidentifier that is received. After retrieving the PAR, the token service430 determines the PAN associated with the PAR. The token service 430then transmits the PAN, the merchant ID of the merchant and/or serviceprovider 504, and the transaction details to the issuer 512 via thepayments network 510.

FIG. 6 illustrates a second example flow diagram 600 of the examplesystem 400 of FIG. 4. In the example of FIG. 6, the second example flowdiagram 600 includes a user 602, a merchant and/or service provider 604,and a biometric tokenization service 412. The user 602 and the merchantand/or service provider 604 are similar to the user 102 and the merchantand/or service provider 104 as described above in FIG. 1. Consequently,redundant description of these components of the second example flowdiagram 600 is not repeated.

In the second example flow diagram 600, the payment with the card or thesmart device 106 of FIG. 1 is initiated with the biometric tokenizationservice 412. A biometric token is generated by the electronic processor406 of the biometric capture device 404 executing the biometrictokenization service 412 as described above in FIG. 4. After generatingthe biometric token, the biometric tokenization service 412 determineswhether the biometric token is unique and whether the biometric tokenmatches a second biometric token stored in the biometric token vault428. Responsive to matching the biometric token to the second biometrictoken, the biometric tokenization service 412 generates a relationshipidentifier based on the merchant ID and the second biometric token.After generating the relationship identifier, the biometric tokenizationservice 412 transmits the relationship identifier, the merchant ID ofthe merchant and/or service provider 604, and the transaction details tothe merchant and/or service provider 604, which maintains a link betweena unique relationship identifier and a customer profile identifier. Thecustomer profile identifier is associated with a customer profileincluding payment information. For example, the payment information mayinclude deferred payment information, card on file payment information,gift card or voucher balance payment information, a discount code orcoupon, an application for a new financial product/service, an optionfor individual to further engage with the merchant/service provider,means to access digital currency account (i.e., bitcoin, etc.), or acombination thereof

The merchant and/or service provider 604 determines whether arelationship identifier is included with the merchant ID and thetransaction details. Responsive to determining that the relationshipidentifier is included with the merchant ID and the transaction details,the merchant and/or service provider 604 processes the transaction usingthe payment information from the customer profile that is associatedwith the relationship identifier.

FIG. 7 illustrates a third example flow diagram 700 of the examplesystem 400 of FIG. 4. In the example of FIG. 7, the third example flowdiagram 700 includes a user 702, a merchant and/or service provider 704,a biometric tokenization service 412, a payment network 710, an issuer712, a token service 714, and a card on file 716. The user 702, themerchant and/or service provider 704, the payment network 710, theissuer 712, and the token service 714 are similar to user 102, themerchant and/or service provider 104, the payment network 110, theissuer 112, and the token service 114 as described above in FIG. 1.Consequently, redundant description of these components of the thirdexample flow diagram 700 is not repeated.

In the third example flow diagram 700, the payment with the card or thesmart device 106 of FIG. 1 is initiated with the biometric tokenizationservice 412. A biometric token is generated by the electronic processor406 of the biometric capture device 404 executing the biometrictokenization service 412 as described above in FIG. 4. After generatingthe biometric token, the biometric tokenization service 412 determineswhether the biometric token is unique and whether the biometric tokenmatches a second biometric token stored in the biometric token vault428. Responsive to matching the biometric token to the second biometrictoken, the biometric tokenization service 412 generates a relationshipidentifier based on the merchant ID and the second biometric token.After generating the relationship identifier, the biometric tokenizationservice 412 transmits the relationship identifier, the merchant ID ofthe merchant and/or service provider 704, and the transaction details tothe merchant and/or service provider 704.

The merchant and/or service provider 704 determines whether arelationship identifier is included with the merchant ID and thetransaction details. Responsive to determining that the relationshipidentifier is included with the merchant ID and the transaction details,the merchant and/or service provider 704 processes the transaction usingthe payment information from the customer profile that is associatedwith the relationship identifier with the issuer 712 via the paymentnetwork 710.

In some examples, the payment information from the customer profile maybe token-based payment information. In these examples, the merchantand/or service provider 704 transmits the token-based paymentinformation to the server 418 via the payment network 710, where thetoken-based payment information is processed with the token service 430.

In other examples, the payment information from the customer profile maybe an existing personal account number (PAN). In these examples, themerchant and/or service provider 704 transmits the PAN to the issuer 712via the payment network 710.

FIG. 8 illustrates an example flow diagram 800 for either of the examplesystems of FIGS. 2 and 4. In the example flow diagram 800, a userregisters with a service provider (e.g., a financial service provider ora merchant) by providing biometric information to the service provider.The service provider creates a unique data account (e.g., a customeraccount) that stores a biometric token (e.g., an identity token) basedon the biometric information provided by the user.

After creating the unique data account, a biometric payment networkaccount is created and enabled for transactions by creating a privateglobal unique identifier and a unique relationship identifier based onthe private global unique identifier and the merchant ID. The uniquerelationship identifier is only dynamically generated from the privateglobal unique identifier and the merchant ID. The dynamic generation ofthe unique relationship identifier is part of the dynamic accountmapping of the unique data account, and one of the privacy &security-enhancing elements of the present disclosure. A dataorchestration service orchestrates the dynamic account mapping of theunique data account with dynamic token credentials locally and in thecloud and match to the dynamic relationship identifiers.

FIG. 9 illustrates a second example flow diagram 900 for either of theexample systems of FIGS. 2 and 4. In the example flow diagram 900, auser provides biometric information to a second organization connectedto the biometric payment network to enable biometric payments with thesecond organization by generating a second biometric token. The secondbiometric token is verified or identified by the second organization.Additionally, a data orchestration service syncs, reconciles, ornotifies the unique data account regarding the enablement of biometricpayments with the second organization.

The user may also provide a biometric token to an administrator of theunique data account to retrieve a private global unique identifier. Theadministrator may match the biometric token to the private global uniqueidentifier and dynamically generate a relationship identifier based onthe private global unique identifier and the merchant ID. A dataorchestration service orchestrates the dynamic account mapping of theunique data account with dynamic token credentials locally and in thecloud and match to the dynamic relationship identifiers.

FIG. 10 illustrates a fourth example flow diagram 1000 of the examplesystem 400 of FIG. 4. In the example of FIG. 10, the fourth example flowdiagram 1000 includes a user 1002, a merchant and/or service provider1004, a biometric tokenization service 412, a network service provider1010, a token service 1014, and a card on file 1016. The user 1002, themerchant and/or service provider 1004, the payment network 1010, and thetoken service 1014 are similar to user 102, the merchant and/or serviceprovider 104, the payment network 110, the issuer 112, and the tokenservice 114 as described above in FIG. 1. Consequently, redundantdescription of these components of the fourth example flow diagram 1000is not repeated.

In the fourth example flow diagram 1000, the payment with the card orthe smart device 106 of FIG. 1 is initiated with the biometrictokenization service 412. A biometric token is generated by theelectronic processor 406 of the biometric capture device 404 executingthe biometric tokenization service 412 as described above in FIG. 4.After generating the biometric token, the biometric tokenization service412 determines whether the biometric token is unique and whether thebiometric token matches a second biometric token stored in the biometrictoken vault 428. Responsive to matching the biometric token to thesecond biometric token, the biometric tokenization service 412 generatesa relationship identifier based on the merchant ID and the secondbiometric token. After generating the relationship identifier, thebiometric tokenization service 412 transmits the relationshipidentifier, the merchant ID of the merchant and/or service provider1004, and the transaction details to the merchant and/or serviceprovider 1004.

The merchant and/or service provider 1004 determines whether arelationship identifier is included with the merchant ID and thetransaction details. Responsive to determining that the relationshipidentifier is included with the merchant ID and the transaction details,the merchant and/or service provider 1004 processes the transactionusing the payment information from the customer profile that isassociated with the relationship identifier with the issuer 1012 via thenetwork service provider 1010.

In some examples, the payment information from the customer profile maybe token-based payment information. In these examples, the merchantand/or service provider 1004 transmits the token-based paymentinformation to the server 418 via the network service provider 1010,where the token-based payment information is processed with the tokenservice 430.

In other examples, the payment information from the customer profile maybe an existing personal account number (PAN). In these examples, themerchant and/or service provider 1004 transmits the PAN internally viathe network service provider 1010.

Many different arrangements of the various components depicted, as wellas components not shown, are possible without departing from the spiritand scope of the present disclosure. Embodiments of the presentdisclosure have been described with the intent to be illustrative ratherthan restrictive. Alternative embodiments will become apparent to thoseskilled in the art that do not depart from its scope. A skilled artisanmay develop alternative means of implementing the aforementionedimprovements without departing from the scope of the present disclosure.It should thus be noted that the matter contained in the abovedescription or shown in the accompanying drawings is to be interpretedas illustrative and not in a limiting sense.

What is claimed is:
 1. A system comprising: a network; and a serverincluding a memory storing a biometric token vault, a communicationinterface, and an electronic processor that is communicatively connectedto the memory, the communication interface, the electronic processorconfigured to: receive a biometric token, a merchant identifier, andtransaction details via the remuneration network, confirm a uniquenessof the biometric token with a second biometric token stored in thebiometric token vault, generate a relationship identifier based on themerchant identifier and a global unique identifier linked to the secondbiometric token, determine whether the relationship identifier isassociated with a remuneration account reference, and output themerchant identifier, the transaction details, and a personal accountnumber associated with the remuneration account reference to an issuervia the network in response to determining that the relationshipidentifier is associated with the remuneration account reference.
 2. Thesystem of claim 1, wherein the merchant identifier identifies a merchantselected from a group consisting of: a store, a health clinic, and afinancial institution.
 3. The system of claim 1, wherein the biometrictoken includes a timestamp or other temporal information.
 4. The systemof claim 1, wherein the biometric token is based on a biometric image ofan individual.
 5. The system of claim 4, wherein the biometric image isan image selected from a group consisting of: a facial image, an irisimage, a finger image, and a fingerprint image.
 6. The system of claim1, wherein the personal account number is a gift card account number,and wherein the issuer is a merchant identified by the merchantidentifier.
 7. The system of claim 1, wherein the personal accountnumber is a debit card account number or a credit card account number.8. A system comprising: a network; a biometric capture device includinga memory storing a biometric token vault, a communication interface, abiometric capture circuitry, and an electronic processor that iscommunicatively connected to the memory, the communication interface,and the biometric capture circuitry, the electronic processor configuredto: control the biometric capture circuitry to capture biometricinformation of an individual, generate a biometric token based on thebiometric information, confirm a uniqueness of the biometric token witha second biometric token stored in the biometric token vault, andgenerate a relationship identifier based on a merchant identifier and aglobal unique identifier linked to the second biometric token; and aserver including a memory, a communication interface, and an electronicprocessor that is communicatively connected to the memory, thecommunication interface, the electronic processor configured to: receivethe relationship identifier, the merchant identifier, and transactiondetails via the network, determine whether the relationship identifieris associated with a remuneration account reference, and output themerchant identifier, the transaction details, and a personal accountnumber associated with the remuneration account reference to an issuervia the network in response to determining that the relationshipidentifier is associated with the remuneration account reference.
 9. Thesystem of claim 8, wherein the merchant identifier identifies a merchantselected from a group consisting of: a store, a health clinic, and afinancial institution.
 10. The system of claim 8, wherein the biometrictoken includes a timestamp or other temporal information.
 11. The systemof claim 8, wherein the biometric information is a biometric image ofthe individual.
 12. The system of claim 11, wherein the biometric imageis an image selected from a group consisting of: a facial image of theindividual, an iris image of the individual, a finger image of theindividual, and a fingerprint image of the individual.
 13. The system ofclaim 8, wherein the personal account number is a gift card accountnumber, and wherein the issuer is a merchant identified by the merchantidentifier.
 14. The system of claim 8, wherein the network is a paymentnetwork, and wherein the personal account number is a debit card accountnumber or a credit card account number.
 15. A system comprising: anetwork; a biometric capture device including a memory storing abiometric token vault, a communication interface, a biometric capturecircuitry, and an electronic processor that is communicatively connectedto the memory, the communication interface, and the biometric capturecircuitry, the electronic processor configured to: control the biometriccapture circuitry to capture biometric information of an individual,generate a biometric token based on the biometric information, confirm auniqueness of the biometric token with a second biometric token storedin the biometric token vault, generate a relationship identifier basedon a merchant identifier and a global unique identifier linked to thesecond biometric token, retrieve a customer profile associated with therelationship identifier, and output remuneration information from thecustomer profile, the merchant identifier, and transaction details viathe network.
 16. The system of claim 15, wherein the merchant identifieridentifies a merchant selected from a group consisting of: a store, ahealth clinic, and a financial institution.
 17. The system of claim 15,wherein the biometric token includes a timestamp or other temporalinformation.
 18. The system of claim 15, wherein the biometricinformation is a biometric image of the individual.
 19. The system ofclaim 16, wherein the biometric image is an image selected from a groupconsisting of: a facial image of the individual, an iris image of theindividual, a finger image of the individual, and a fingerprint image ofthe individual.
 20. The system of claim 15, wherein the remunerationinformation includes information of a card on file.